{"id":18656245,"url":"https://github.com/bayfrontmedia/php-jwt","last_synced_at":"2026-02-02T23:16:52.410Z","repository":{"id":56950542,"uuid":"305560479","full_name":"bayfrontmedia/php-jwt","owner":"bayfrontmedia","description":"A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519.","archived":false,"fork":false,"pushed_at":"2024-12-23T20:20:54.000Z","size":26,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-11-27T14:40:48.239Z","etag":null,"topics":["decode","encode","json","jwt","php","token"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bayfrontmedia.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-10-20T01:49:05.000Z","updated_at":"2024-12-23T20:20:31.000Z","dependencies_parsed_at":"2025-05-12T14:15:49.397Z","dependency_job_id":"18f95e75-9933-4dda-91fb-10a71051a472","html_url":"https://github.com/bayfrontmedia/php-jwt","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/bayfrontmedia/php-jwt","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bayfrontmedia%2Fphp-jwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bayfrontmedia%2Fphp-jwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bayfrontmedia%2Fphp-jwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bayfrontmedia%2Fphp-jwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bayfrontmedia","download_url":"https://codeload.github.com/bayfrontmedia/php-jwt/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bayfrontmedia%2Fphp-jwt/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29022777,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-02T22:20:39.141Z","status":"ssl_error","status_checked_at":"2026-02-02T22:20:37.621Z","response_time":58,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["decode","encode","json","jwt","php","token"],"created_at":"2024-11-07T07:22:30.776Z","updated_at":"2026-02-02T23:16:52.382Z","avatar_url":"https://github.com/bayfrontmedia.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"## PHP-JWT\n\nA simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to [RFC 7519](https://tools.ietf.org/html/rfc7519).\n\nCurrently, the only supported algorithm is \"HS256\". \nSupport for additional algorithms is planned for future versions.\n\n- [License](#license)\n- [Author](#author)\n- [Requirements](#requirements)\n- [Installation](#installation)\n- [Usage](#usage)\n\n## License\n\nThis project is open source and available under the [MIT License](LICENSE).\n\n## Author\n\n\u003cimg src=\"https://cdn1.onbayfront.com/bfm/brand/bfm-logo.svg\" alt=\"Bayfront Media\" width=\"250\" /\u003e\n\n- [Bayfront Media homepage](https://www.bayfrontmedia.com?utm_source=github\u0026amp;utm_medium=direct)\n- [Bayfront Media GitHub](https://github.com/bayfrontmedia)\n\n## Requirements\n\n* PHP `^8.0` (Tested up to `8.4`)\n* JSON PHP extension\n\n## Installation\n\n```\ncomposer require bayfrontmedia/php-jwt\n```\n\n## Usage\n\nA private, reproducible secret must be passed to the constructor. \nThe same secret used to encode the JWT must also be used when decoding in order to verify the signature.\n\nA cryptographically secure secret can be generated using the static `createSecret()` method, if needed.\n\n```\nuse Bayfront\\JWT\\Jwt;\n\n$secret = Jwt::createSecret(); // Be sure to save the secret to be used to decode the JWT\n\n$jwt = new Jwt($secret);\n```\n\n### Public methods\n\n- [createSecret](#createsecret)\n- [getHeader](#getheader)\n- [setHeader](#setheader)\n- [removeHeader](#removeheader)\n- [getPayload](#getpayload)\n- [setPayload](#setpayload)\n- [removePayload](#removepayload)\n- [aud](#aud)\n- [exp](#exp)\n- [iat](#iat)\n- [iss](#iss)\n- [jti](#jti)\n- [nbf](#nbf)\n- [sub](#sub)\n- [encode](#encode)\n- [decode](#decode)\n- [validateSignature](#validatesignature)\n- [validateClaims](#validateclaims)\n\n\u003chr /\u003e\n\n### createSecret\n\n**Description:**\n\nCreate a cryptographically secure secret of random bytes.\n\n**NOTE:** Secrets are meant to be stored, as the same secret used to encode a JWT must be used to decode it.\n\n**Parameters:**\n\n- `$characters = 32` (int): Number of characters\n\n**Returns:**\n\n- (string)\n\n**Throws:**\n\n- `Exception`\n\n**Example:**\n\n```\nuse Bayfront\\JWT\\Jwt;\n\ntry {\n    \n    $secret = Jwt::createSecret();\n    \n} catch (Exception $e) {\n    die($e-\u003egetMessage());\n}\n```\n\n\u003chr /\u003e\n\n### getHeader\n\n**Description:**\n\nReturns current header array.\n\n**Parameters:**\n\n- None\n\n**Returns:**\n\n- (array)\n\n**Example:**\n\n```\nprint_r($jwt-\u003egetHeader());\n```\n\n\u003chr /\u003e\n\n### setHeader\n\n**Description:**\n\nSet custom value(s) to the current header array. \n\n**Parameters:**\n\n- `$header` (array): Key/value pairs to set to the header array\n\n**Returns:**\n\n- (self)\n\n**Example:**\n\n```\n$header = [\n    'cty' =\u003e 'custom-content-type;v=1'\n];\n\n$jwt-\u003esetHeader($header);\n```\n\n\u003chr /\u003e\n\n### removeHeader\n\n**Description:**\n\nRemove header key, if existing.\n\n**Parameters:**\n\n- `$key` (string)\n\n**Returns:**\n\n- (self)\n\n**Example:**\n\n```\n$jwt-\u003eremoveHeader('cty');\n```\n\n\u003chr /\u003e\n\n### getPayload\n\n**Description:**\n\nReturns current payload array.\n\n**Parameters:**\n\n- None\n\n**Returns:**\n\n- (array)\n\n**Example:**\n\n```\nprint_r($jwt-\u003egetPayload());\n```\n\n\u003chr /\u003e\n\n### setPayload\n\n**Description:**\n\nSet custom value(s) to the current payload array.\n\n**Parameters:**\n\n- `$payload` (array): Key/value pairs to set to the payload array\n\n**Returns:**\n\n- (self)\n\n**Example:**\n\n```\n$payload = [\n    'user_id' =\u003e 10\n];\n\n$jwt-\u003esetPayload($payload);\n```\n\n\u003chr /\u003e\n\n### removePayload\n\n**Description:**\n\nRemove payload key, if existing.\n\n**Parameters:**\n\n- `$key` (string)\n\n**Returns:**\n\n- (self)\n\n**Example:**\n\n```\n$jwt-\u003eremovePayload('user_id');\n```\n\n\u003chr /\u003e\n\n### aud\n\n**Description:**\n\nSet audience.\n\n**Parameters:**\n\n- `$aud` (string)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### exp\n\n**Description:**\n\nSet expiration time.\n\n**Parameters:**\n\n- `$exp` (int)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### iat\n\n**Description:**\n\nSet issued at time.\n\n**Parameters:**\n\n- `$iat` (int)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### iss\n\n**Description:**\n\nSet issuer.\n\n**Parameters:**\n\n- `$iss` (string)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### jti\n\n**Description:**\n\nSet JWT ID.\n\n**Parameters:**\n\n- `$jti` (string)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### nbf\n\n**Description:**\n\nSet not before time.\n\n**Parameters:**\n\n- `$nbf` (int)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### sub\n\n**Description:**\n\nSet subject.\n\n**Parameters:**\n\n- `$sub` (string)\n\n**Returns:**\n\n- (self)\n\n\u003chr /\u003e\n\n### encode\n\n**Description:**\n\nEncode and return a signed JWT.\n\n**Parameters:**\n\n- `$payload = []` (array)\n\n**Returns:**\n\n- (string)\n\n**Example:**\n\n```\n$now = time();\n\n$token = $jwt-\u003eiss('API key whose secret signs the token')\n    -\u003eiat($now)    \n    -\u003enbf($now)\n    -\u003eexp($now + 86400) // 24 hours\n    -\u003eencode([\n        'user_id' =\u003e 10\n    ]);\n```\n\n\u003chr /\u003e\n\n### decode\n\n**Description:**\n\nDecode a JWT.\n\nThis method validates the token structure as three segments separated by dots.\n\nThe returned array will contain the keys `header`, `payload` and `signature`.\n\nIf `$validate = true`, the signature and claims will also be validated.\n\n**Parameters:**\n\n- `$jwt` (string): The JWT itself or the entire `Authorization` header can be used\n- `$validate = true` (bool): Validate signature and claims\n\n**Returns:**\n\n- (array)\n\n**Throws:**\n\n- `Bayfront\\JWT\\TokenException`\n\n**Example:**\n\n```\ntry {\n\n    $decoded = $jwt-\u003edecode('encoded.jwt');\n\n} catch (TokenException $e) {\n    die($e-\u003egetMessage());\n}\n```\n\n\u003chr /\u003e\n\n### validateSignature\n\n**Description:**\n\nValidate signature.\n\n**Parameters:**\n\n- `$jwt` (string): The JWT itself or the entire `Authorization` header can be used\n\n**Returns:**\n\n- (self)\n\n**Throws:**\n\n- `Bayfront\\JWT\\TokenException`\n\n**Example:**\n\n```\ntry {\n\n    $decoded = $jwt-\u003evalidateSignature('encoded.jwt')-\u003edecode('encoded.jwt', false);\n\n} catch (TokenException $e) {\n    die($e-\u003egetMessage());\n}\n```\n\n\u003chr /\u003e\n\n### validateClaims\n\n**Description:**\n\nValidate the claims \"iat\", \"nbf\" and \"exp\", if existing.\n\n**Parameters:**\n\n- `$jwt` (string): The JWT itself or the entire `Authorization` header can be used\n\n**Returns:**\n\n- (self)\n\n**Throws:**\n\n- `Bayfront\\JWT\\TokenException`\n\n**Example:**\n\n```\ntry {\n\n    $decoded = $jwt-\u003evalidateClaims('encoded.jwt')-\u003edecode('encoded.jwt', false);\n\n} catch (TokenException $e) {\n    die($e-\u003egetMessage());\n}\n```\n\n\u003chr /\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbayfrontmedia%2Fphp-jwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbayfrontmedia%2Fphp-jwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbayfrontmedia%2Fphp-jwt/lists"}